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Abstract. We examine the relationship between the algebraic X-calc- 
ulus, a fragment of the differential A-calculus and the linear- algebraic 
X-calculus, a candidate A-calculus for quantum computation. Both cal- 
culi are algebraic: each one is equipped with an additive and a scalar- 
multiplicative structure, and their set of terms is closed under linear 
combinations. However, the two languages were built using different ap- 
proaches: the former is a call-by-name language whereas the latter is 
call-by-value; the former considers algebraic equalities whereas the lat- 
ter approaches them through rewrite rules. 

In this paper, we analyse how these different approaches relate one to the 
^y-,' ] other. To this end, we propose four canonical languages based on each of 

pvj ■ the possible choices: call-by-name versus call-by-value, algebraic equality 

versus algebraic rewriting. We show that the various languages simulate 
one another. Due to subtle interaction between beta-reduction and al- 
gebraic rewriting, to make the languages consistent some additional hy- 
potheses such as confluence might be required. We carefully devise the 
required properties for each proof, making them general enough to be 
valid for any sub-language satisfying the corresponding properties. 



1 Introduction 

Algebraic X-calculi. Two algebraic versions of the A-calculus arise independently 
in distinct contexts: the algebraic A-calculus (\ a i g ) [26] and the linear algebraic 
A-calculus (Xn n ) [6]. The former has been introduced in the context of linear logic 
as a fragment of the differential A-calculus [14] : the algebraic structure allows to 
gather in a non deterministic manner different terms, i.e. each term represents 
one possible execution. The latter has been introduced as a candidate A-calculus 
for quantum computation: in Xu n , a linear combination of terms reflects the 
phenomenon of superposition, i.e. the capability for a quantum system to be in 
two or more states at the same time. 



Four languages with different behaviours. In both languages, functions which are 
linear combinations of terms are interpreted pointwise: (a.f + /3.g) x — a.(f) x + 
P-(g) x, where "." denotes the scalar multiplication. The two languages differ 
on the treatment of the arguments. In Xu n , in order to deal with the algebraic 
structure, any function is considered as a linear map: (/) (a.x+P.y) — >* «•(/) x+ 
/3.(/) y, reflecting the fact that any quantum evolution is a linear map. It reflects 
a call-by-value behaviour in the sense that the argument is evaluated until one 
has a base term. In the opposite, X a i g has a call-by-name evolution: (Xx M) N — > 
M[x :— N], without any restriction on N. As a consequence, the evolutions are 
different as illustrated by the following example. In Xu n , (Xx (x) x) (a.y+fi.z) — >* 
a.(y) y + /3.(z) z while in X a i g , {Xx (x) x) (a.y + (3.z) — » (a.y + (3.z) (a.y + f3.z) — 
a 2 .{y) y + a/3.{y) z + (3a.(z) y + fi 2 .{z) z. 

Because they were designed for different purposes, another difference appears 
between the two languages: the way the algebraic part of the calculus is treated. 
In Xii n , the algebraic structure is captured with a rewrite system, whereas in 
X a ig terms are considered up to algebraic equivalence. 

The two choices - call-by- value versus call-by-name, algebraic equality versus 
algebraic reduction - allow one to construct four possible calculi. We name them 
X hn , X hn , X al , and A~ z , see Figure I where they are presented according to their 
evolution policy and the way they take care of the algebraic part of the language. 

Inspired by Xu n and X a i gi the operational semantics of the four languages we 
introduce slightly differ from the original ones for focusing on the particularities 
of the calculi we are interested in: reduction strategy and handling of algebraic 
structure in programs. 

A first modification is that in all four languages, we avoid reduction under 
lambda abstractions. As a consequence, contrary to X a i g , the A-abstraction is not 
linear anymore: Ax (a.M+ft.N) ^ a.Xx N+[3.Xx N. This restriction is a common 
restriction: reducing under A could be considered as "optimising the program. 
Also note that since we consider A^ with algebraic rewrite rules instead of 
the equalities used in X a i g , we need two extra rules: a.M + M — > (a + 1).M 
and M + M — > (I + 1).M. These rules were not needed with equalities, since 
M = l.M. 

Concerning X~j* n and A Kn , restrictions originally imposed in Xu n on the rewrite 
system to ensure confluence are replaced by restrictions which make X lin and X^ in 
actual call-by-value languages. For example, the rule (M + N) L — > (M) L + 
(N) L when M + N is closed-normal form is replaced by only asking L to be 
a value. Notice that even in the original language Xu n , waiving the restrictions 
makes sense when confluence can be ensured by other means, see e.g. [3, 22]. 

Contribution: relation between the four languages through simulation. Although 
these languages behave differently, we show in this paper that they simulate each 
other. This result connects works done in linear logic [11-14,16,17,20,25] and 
works on quantum computation [2-5, 7, 10, 22, 24]. 

We show that call-by-value algebraic A-calculi simulate call-by-name ones 
and vice versa by extending the continuation passing style (CPS) [18] to the 
algebraic case. We also provide simulations between algebraic equality and alge- 



braic reduction in both directions. The simulations we prove are summed up in 
Figure 2. The solid arrows stand for theorems that do not require confluence in 
their hypothesis whereas the dashed arrows stands for theorems that do. 
A preliminary version of this work was presented in [9] . 

Consistency. Without restrictions on the set of terms, both algebraic reductions 
and algebraic equalities cause problems of consistency, albeit differently. 

Let Ym — (Xx(M + (x) x)) \x(M + (x) x). In a system with algebraic 
reduction, the term Ym — Ym reduces to 0, but also reduces to M + Ym — 
Ym and hence to M, breaking confluence. To solve this issue, several distinct 
techniques can be used to make an algebraic calculus confluent. In [6], restrictions 
on reduction rules are introduced, e.g. a.M + /3.M — > (a + (3).M if M is closed 
normal. In [3, 4, 7, 22, 24], type systems are set up to forbid diverging terms such 
as Y M - 

In a system with algebraic equalities, if M and N are any terms, the term M 
reduces to M + Y^-m — Yn-m, therefore to N. In X a i g a restriction to positive 
scalars is proposed to solve the problem. However such a solution does not work 
in a system with algebraic reduction (cf Section 3). 

In this paper we do not make a choice a priori, instead we show that the 
simulations between the four calculi are correct, providing a general enough 
methodology to work in a large variety of restrictions on the language. Therefore, 
we do not force one specific method to make the calculi consistent, leaving the 
choice to the reader. 

Plan of the paper. In Section 2, we define the set of terms and the rewrite 
systems we consider in the paper. In Section 3, we discuss the confluence of the 
algebraic rewrite systems. Section 4 is concerned with the actual simulations. 
In Section 4.1 we consider the correspondence between algebraic reduction and 
algebraic equality whereas in Section 4.2 and 4.3 we consider the distinction call- 
by-name versus call-by-value. In Section 4.4, we show how the simulations can 
compose to obtain the correspondence between any two of the four languages. 
In Section 5 we conclude by providing some paths for future work. Most of the 
omitted and sketched proofs are fully developed in the appendix. 

2 Algebraic A-calculi 

The languages Xu n and X a i g share the same syntax, defined as follows: 



M,N,L: 


■- V | (M) N | a.M \ M + N (terms), 


U,V,W : 


:=0 | B | a.V | V + W (values), 


B : 


:= x | XxM (basis terms), 



where a ranges over a ring, the ring of scalars. We use the notation M — N 
as a shorthand for M + (— l).iV. Note that we could have asked for a semiring 
instead; in fact we shall see in Section 3.2 that the analysis we develop here can 
be adapted to semirings of scalars. 





call- by- name 


call- by- value 


algebraic 
reduction 


^alg 


^Im 


algebraic 
equality 


^alg 


^lin 



cf. Definition 1 
Fig. 1. The four algebraic A-calculi. 
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Fig. 2. Relations between the languages. 



We provide a complete formalisation of the rewrite rules and show how they 
relate to each other. We summarise in Figure 3 all the rewrite rules that are 
being used. 

The rules are grouped with respect to their intuitive meaning. We use the 
usual notation regarding rewrite systems: Given a rewrite system R, we write 
R* for its reflexive and transitive closure. That is, xR*y is valid if y = x or if 
there exists a rewrite sequence x Rx\R ■ ■ ■ Rx n Ry linking x and y. We write 
R^ for the symmetric closure of R, that is, the relation that satisfies x R^ y if 
and only if x R y or y Rx. 

The original languages Xu„ and X a i g made particular assumptions both on the 
reduction strategy and the handling of algebraic structure under the reduction. 
In this paper, we consider separately the distinction call-by-name/call-by-value 
and the distinction algebraic equality/algebraic reduction. We develop therefore 
four languages: a call-by-value language X Un with algebraic equality, a call-by- 
value language X lin with algebraic reduction, a call-by-name language A~ ; with 
algebraic equality and a call-by-name language X al with algebraic reduction. 

These four languages are summarised in Figure 1. 

Definition 1. We use the following notations for the rewrite systems obtained 
by combining the rules described in Figure 3: 

-^ a :=AUL(J£ ^:=A,UA r ULU(U £ A «„ -►/?. := 0„ U f U &«,. 

-►« ■= K)„ -►/ ■= {-+t)„ -^ ■■= Pn U £ 

We define the following four languages and their associated rewrite systems: 



Language 


Corresponding Rewrite System 


*lin 


-^U/3 ■= (~^)U (-&•£„) 


\in 


^Fu/3 : = (->e) U (-^J 


X alg 


-^aua ■= (->•») u (-►/?„) 


*alq 


^aU£ : = (~*a) U H/?n) 



3 Discussion on consistency and confluence 



3.1 Local confluence 



In this section we show that the four languages X lin , X al , X lin , and X al are 
locally confluent. A rewrite system R is locally confluent if whenever xRy and 



Specific 


rules 


FOR \Z q AND A a! „ 


Call- by- name (/3 n ) 




Linearity of the application (A) 


(\xM) N -> M[x :=N] 




(M + N) L -> (M) L+(N) L 
{a.M) N -> a.(M) AT 
(0) M -> 


Specific 


RULES 


TOB A,7„ and Aj„ 


Call-by- value (/3„) 




Context rule (£a,„) 


(AzM) B -> M[z := B] 

Linearity of 


M -»• M' 


(V) M -f (V) M' 

THE APPLICATION 


Left linearity (Ai) 




Right linearity (A r ) 


(M + N)V -> (M) V + (TV) 
(a.M) V -> a.(M) V 
(0) V -> 


V 


(B) (M + N) -> (B) M + (B) W 
(B) (a.M) -> a.(B) M 
(B) -> 


Common rules 


Ring rules 


(L = 


Asso U Com UFUS) 


Associativity (Asso) 




Commutativity (Com) 


M + (N + L) -> (M + AT) + I 

(M + AT) + L -> M+{N + L) 




M + N -> AT + M 


Factorization (F) 




Simplification (S) 


a.M + ji.M -> (q + /3).M 
a.M + M -> (a + l).M 
M + M -> (1 + 1).M 
q.(/3.M) -> (a/3).M 




a.(M + W) -> a.M + a.Af 
l.M -> M 

0.M -> 
Q.O -> 
+ M -> M 


Context rules (£) 


M -j- M' M -> M' 




AT -> AT' M -> M' 


(M) AT -f (M') N M + N ^ M' 


+ N 


M + N -> M + Af' a.M -> a.M' 



Fig. 3. Rewrite rules with 17, V and W values, B a basis term, M,M',N,N' and L 
any terms. 



xite there is t such that j/i?*i and zR*t. In comparison, a rewrite system R is 
confluent if whenever xR*y and cci?*z there is t such that yi?*i and zR*t. Notice 
that confluence implies local confluent whereas the inverse is not true. 

We first concentrate on the algebraic rules. For each of these calculi, we use 
the reductions describing the algebraic structure: — > a and — >£ correspond to an 
oriented rewriting description whereas — >= and — >j correspond to a description 
by equalities (since every rewrite rule can be reversed, cf. Definition 1). 

Lemma 1. The rewrite systems — > a , — ^, — y= and — >J are locally confluent. 



Proof. For — >£ and — > a , we give a semi- automatised proof in the interactive 
theorem prover Coq [8] . The interested reader can find the proof in [23] which is 
sketched in the appendix. Since for any rewrite system R, its symmetric closure 
R^ is trivially locally confluent, both — >= and — >j are locally confluent. □ 

The rewrites systems considered in this paper are also locally confluent in 
the presence of the /3-rewrite rules. 

Lemma 2 (Local confluence). The four languages in Figure 1 are locally 
confluent. 

Proof (Sketch). The local confluence of the algebraic fragment is proven in 
Lemma f . The beta-reduction is confluent using a straightforward extension of 
the confluence of lambda calculus. Finally, the beta-reduction and the algebraic 
fragments commute, making each rewrite system locally confluent. □ 

3.2 Simulations and the confluence issue 

In this section, we show that the algebraic fragments are confluent modulo asso- 
ciativity and commutativity. Concerning the full languages, we show that they 
are either not confluent or trivially confluent (in the sense that any term is reduc- 
ing to any other). As a consequence, we introduce a generic notion of language 
fragment to describe confluent and consistent sub-languages. In particular, frag- 
ments are used in simulations theorems in Section 4 for abstractly representing 
confluent sub-languages. 

The algebraic fragment. It is clear that neither — > a nor — >£ is strongly normalis- 
ing: with both systems one can go back and forth between M + N and N + M . 
They are however strongly normalising "modulo associativity and commutativ- 
ity" in the sense that any rewrite sequence consists eventually of terms that 
are equal modulo associativity and commutativity. On the contrary, the rewrite 
systems — >= and — >J are not. 

In order to formalise this, let us denote AC the system generated by AC = 
Asso U Com and R the rewrite system obtained by taking off the rules Asso and 
Com where R stands for — j- n or — >g. Hence, =F^" stands for the system generated 
by A U S U F U £ and =F7 for the system generated by Ai U A r U S U F U £ U £a«„ . 

Definition 2. Let R be either — >g or — > a and M1RM2R ... be a reduction 
sequence (finite or not) characterised by the set of terms { Mi } . and the set of 
rules { Ri } i used to go from, Mi to Mi + \, where Ri stands for a fixed rule in R. 
We say that the reduction is AC-finite if the set of indices i such that Ri £ R is 
finite. The AC-length of the rewrite sequence is the cardinal of this set of indices. 
The rewrite system R is AC-strongly- normalising (AC-SN) if for any term M, 
there exists a number n such that the AC-length of any rewrite sequence starting 
at M is less than n. A term M is AC-normal with respect to a rewrite system 
R if any rewrite sequence starting with M consists only of rules AC. 



Theorem 1. The systems — >•„ and — >£ are AC-SN. 

Proof. We use the technique described in [6]. An auxiliary measure is defined 
on terms by \{M) N\ = (3|M| + 2)(3|7V| + 2), \a.M\ = 1 + 2|M|, \M + N\ = 
2 + \M\ + \N\, 1 1 = 0, |Aa;.M| = 1 and \x\ = 1. This measure is preserved by 
rules AC and strictly decreasing on the other algebraic rules. □ 

Local confluence plus strong normalisation implies confluence (see for exam- 
ple [21]). 

Corollary 1. The rewrite systems — > a and — >£ are confluent, modulo AC. □ 

Although we have proved that the four languages under consideration are 
locally confluent, neither X lin nor X, is confluent: In each one, the term Ym—Ym 
rewrites both to and M, where Ym = (Ax {M + (x) x)) \x (M + (x) x). 

Regarding X hn and A~ ; , without restriction both are trivially confluent since 
for all terms M and N, M reduces to N: M = M+Y N _ M -Y N - M -»■ N. Hence, 
with the algebraic equality, both languages can simulate any rewrite system. 

For getting back consistency, it is of course possible to modify the rewrite 
systems as in [6] but it would break the correspondence between call-by-value 
and call-by-name. In this paper we propose instead to restrict the set of terms. 
In the literature, there have been two methods: 

With algebraic equalities, Vaux [26] considers non-negative scalars (semiring) 
on a language with algebraic equality. The restriction on scalars is enough for 
getting unicity of normal forms. Although this solves the consistency problem 
for the languages with algebraic equality, it does not give confluence for the 
languages with algebraic reduction. Indeed, consider the critical pair Ym+Ym -^e 
2.Y M , Ym+Ym ->p v Y M +M+Y M -+i 2.Y M +M. The term 2.Y M can only produce 
an even number of M's: we cannot close the pair. 

With algebraic reductions, other papers [3, 4, 7] use type systems for retriev- 
ing strong normalisation on a language with algebraic reduction. This technique 
could be directly adapted to our setting since it is possible to have subject re- 
duction in these cases. 

The simulations theorems that we develop in this paper are correct in a 
general untyped setting (and in fact trivially true when we simulate a language 
with algebraic reduction with a language with algebraic equality as remarked 
above), but also true if one restrict the scalars to a semiring (as done in [26]), 
or if we restrict the terms to any typed setting, provided that the languages 
\ Un and X al satisfy subject reduction and that the CPS translations preserve 
typability. Thus, in this paper we do not restrict the calculi a priori, instead, we 
propose a notion of language fragments to parametrise the simulation results. 
The definition of fragment is general enough to capture many settings: various 
typed systems, but also the restrictions to a given set of terms such as the set 
of AC-SN terms or taking scalars from a semiring. 

We define formally a fragment in the following way: 

Definition 3. A fragment S of X lin (resp. X al ) is a language defined on a sub- 
set of terms closed under —t^jp -reduction (resp. -^ a u/3 -reduction) . The rewrite 
system of S is inherited from the one of X lin (resp. X, ). 



The definition of a fragment in the presence of algebraic equalities should 
be treated carefully. Indeed, note that the algebraic equalities arc defined as 
M -^ = N if and only if M — ^ N or N — > M. As a consequence, for any subset S 
of terms closed under — > = -reduction, if M is in S then for any N (in S or not), 
M+N-N e S since M -^ = M+N-N. We therefore need to define the algebraic 
equality with respect to the particular subset of terms under consideration. 

Definition 4. A fragment S of Xf m (resp. \~i q ) is a fragment of \ Un (resp. 
\~2i„) together with an algebraic equality defined as M^tj s N (resp. M—t^N) if 
and only if M,N E S and JV-^M or M^ e N (resp. N^ a M or M^ a N). The 
(3-reduction is not modified. 

Convention 1 When referring to a fragment of X( in (resp. X~i Q ), we use the 
abuse of notation — >j (resp. — >2) instead of — >j s (resp. — >2 S ) f or the restricted 
rewrite system, when the fragment under consideration is clear. 

4 Simulations 

The core of the paper is concerned with the mutual simulations of the four 
languages. 

The first class of problems relates algebraic reduction with algebraic equality. 
If simulating a language with algebraic reduction with a language with algebraic 
equality is not specially difficult, going in the opposite direction is not possible 
in general. Indeed, if =i Ym — Ym^p v Ym + M — Ym =t M is possible in X Un , 
(where Ym = (Aa; (M + (x) x)) \x (M + (x) x)) it is difficult to see how one 
could make go to M in X^ in without further hypotheses. In this section, we 
show that a fragment of a language with algebraic equality can be simulated by 
the corresponding fragment with algebraic reduction provided that the latter is 
confluent (Theorems 4 and 5). 

The second class of problems is concerned with call-by-value and call-by- 
name. In this paper, the simulations of call-by-name by call-by-value and its 
reverse are treated using continuation passing style (CPS), extending the tech- 
niques described in [15, 18] to the algebraic case (Theorems 6, 7, 8 and 9). 

The results are summarised in Figure 2. Solid arrows correspond to results 
where no particular hypothesis on the language is made. Dashed arrows corre- 
spond to results where confluence is required. 

4.1 Algebraic reduction versus algebraic equality 

As the relation -^eup is contained in — >J u a and the relation — > a uf3 is contained 
in — i^yfl, the first simulation theorems are trivial. 

Theorem 2. For any term M if M^ aUfj N, then M^= ufj N. □ 

Theorem 3. For any term M if M-^eupN, then M->J U/3 A. □ 



The simulations going in the other direction are only valid in the presence of 
confluence. In the following two theorems, the algebraic equality is defined with 
respect to the considered fragment (see Definition 4.) 

Theorem 4. For any term M in a confluent fragment of X~^ n , if M— >jJgV, 
then M-*$ U/3 V', with V->J*V. 

Proof. First note that a value can only reduce to another value. This follows by 
direct inspection of the rewriting rules. We proceed by induction on the length 
of the reduction. 

- If M^J U *M, then choose V = M and note that M^ U/3 M. 

— Assume the result true for M—tjJtV: there is a value V such that M—}* u oV' 
and V— >J*V . Let TV— >J U/3 M. Case distinction: 

• N^ 0v M, then N->p v M->% up V' which implies N^ ufj V'. 

• N^jM, then either N^pM, and then this case is analogous to the 
previous one, or M—t^N. Due to the confluence of the subset, there 
exists a term L such that N^* u aL and V— >^L, implying that L is a 
value, thus V'^J*L. Then we have V'^j*L and V^rj*V, so L^j*V , 
closing the case. □ 

Theorem 5. For any term M in a confluent fragment of A , , if M—t^JgV, 
then M^* ufj V, with V^l*V. 

Proof. Similar to the previous theorem. □ 



4.2 Call-by-name simulates call-by-value 

To prove the simulation of X lin with X al and the simulation of X^ in with A~j_, we 
introduce an algebraic extension of the continuation passing style used to prove 
that call-by-name simulates call-by- value in the regular A-calculus [18]. 

Let [•] : A\ lin — > A\ a[g be the following encoding where /, g and h are fresh 
variables. 

[x] = Xf {f) x, [0] = 0, 

\XxM\ = Xf {f) Xx [M], [(M) Nj = Xf ([M]) Xg ([JV]) Xh ((g) h) f, 

[a.M] = Xf (a.[Ml) /, [M + N] = Xf ([M] + [TV]) /. 

Let <F be the encoding for values defined by F(x) — x, F(0) = 0, F(XxM) = 
Xx [M], F(a.V) = a.F(V), F(V + W) = F(V) + F(W). Note that this encoding 
is compatible with substitution (proof by induction on M) : 

Lemma 3. \M[x := B}\ = [M][x := F(B)] with B a base term. □ 

Using this encoding, we can simulate A^ n with A^ , as formalised in the 
following theorem. The sketch of the proof is developed in the second part of 
this section. 
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Theorem 6 (Simulation). For any term M if M—t* u gV where V is a value, 
then(lM])\xx^* aup V(V). 

Example 1. For any terms M and N, let (M, N) := Xy ((y) M) N. Let copy be 
the term Ax (x, x), and let U = Xx Ni and V — Xx N2 be two values. Then 
(copy) (17 + F)->* u/3 (U, U) + {V, V) and (copy) (U + V)->% (U + V,U + V). 
We consider the simulation A^ n to A7 . The translation [(copy) (U + V)\ is 
A/ ([copy]) Xg (\U + V])Xh ((g) h) f, where [copy] is the term Xf (/) Xx \{x,x)\, 
with [(M, N)j being Xf (/) #«M, iV)), [(7 + V] being Xf ([(7] + [V]) /, and [[/] 
being A# (5) #(C/). We now rewrite M = ([(copy) ([/ + V)j) Xz z in A^ g . 

M ^ aU/3 ([copy]) A.g ([(7 + V\)Xh ((g) h) Xz z 

= (Xf (f) Xx \(x, x)\) Xg ([[/ + Vj)Xh ((g) h) Xz z 

-^aup (Xg ({U + Vj) Xh ((g) h) Xz z) Xx [{x, x)j 

-^aup ([U + V])Xh ((Xx l(x, x)j) h) Xz z 

^au^ (PI + [Vj) Xh ((Xx [(x, x)j) h) Xz z 

-^ aufj ([[/]) Xh ((Ax l(x, x)j) h)Xzz + ({V}) Xh ((Ax [(x, x)j) h) Xz z 

-+* u/3 (Xh ((Ax [(x, x)j) h) Xz z) $(U) + (Xh ((Ax [(x, x)j) h) Xz z) V(V) (*) 

<uf) HM [fo *>1) *{U)) \z z + ((Ax [(x, x)j) V(V)) Xz z 

^: u(s (l(x,x)j[x:=9(U)})Xzz + (l(x,x)j[x^^(V)})Xzz 

^* aU p(l(U,U)l)Xzz + (l(V,V}l)Xzz (Lemma 3) 

<u (A« z) $({U, U)) + (Xz z) ff«V, V)) (**) 

= ^((c/,c/) + (T/,y)) 

Similarly, one can relate fragments of A~; to fragments of XJ in as follows. 

Theorem 7 (Simulation). For any two fragments Se of XJ in and S a of X~ t 
such that V-M G Si, (\M\) Xxx G S a , and for any term M in Si, if M—tjJtV 
where V is a value, then ([M]) Axx— ^^(V). 

Again, the sketch of the proof is developed later in the section. 

Remark 1. As we already noted several times in this paper, without restricting 
the languages, Theorem 7 would be trivial. Any term reducing to any other 
one, the desired reduction would be of course valid without restriction. This 
theorem shows that if the calculi are restricted to fragments, the result is still 
true. One example of such fragments is found by taking the restriction of scalars 
to non- negative elements, as in [26]. 

Once a term is encoded it can be reduced either by — >* u g or by — >* u a (re- 
spectively — >=u* or — >j u t) without distinction, and still obtain the same result. 
We state this fact as a corollary: 



Corollary 2 (Indifference). (1) For any term M, if M—}* u gV where V is 
a value, then ([M]) Ax x—>* u/3 <P(V); (2) For any fragment S of XJ in such that 
VM G S, ([M]) Axx G S, and for any term M in S, if M—tjJtV where V is a 
value, then ([M]) Xxx^jJp&(V). 
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reductions — >* u g are done by rules common in both languages. □ 



Proof. It suffices to check the proofs of Theorems 6 and 7 to verify that all the 

f a\Jfi 

Example 2. Note that in Example 1 one could have as well rewrite with -^mp 
which illustrates the indifference property (Corollary 2). 

Now we proceed to prove Theorems 6 and 7. The proof in [18] can be extended 
to the algebraic case. 

An administrative operation. We define a convenient infix operation (:) capturing 
the behaviour of translated terms. For example, if B is a base term, i.e. a variable 
or an abstraction, then its translation into X~^ lg is [B] = Xf (/) &(£>). If we apply 
this translated term to a certain K, we obtain (Xf (/) &(B)) K^> aU p(K) \P(B). 
We define B : K = (K) 9(B) and get that ([£]) K^ aUfs B : K. This fact will 
be generalised to ([M]) K— > a upM : K in Lemma 4. 

Definition 5. Let (:) : A\ Un x A\ al — > A\ al be the infix binary operation defined 
b V : n.K-n (0)'k:K = 

B-K = (K) 9(B) (B)N:K = N:Xf ((*(*)) /) K 

M N KlM K + N-K (M + N)L:K=((M)L + (N)L):K 

+ + ((M)N)L:K=(M)N:Xg{{L\)Xh((g)h)K 

Lemma 4. If K is a base term, then for any M, ([M]) K—** u gM : K . 

Proof. Structural induction on M. We give the case M = (M 1 ) N, as an example. 
First an intermediate result is needed: for any M, M : Ag([iV]) Xh((g) h) K 
-^au/3 (M) N : K. This can be proved by structural induction on M. 

Then ([(M') TV]) K = (Xf (\M'\) \g{\Nj) Xh((g) h) f) K which -^ aljp - 
reduces to ([M']) Xg ({Nj) Xh((g) h) K. Note that Xg(\N\) Xh((g) h) K is 
a base term, so by the induction hypothesis the above term reduces to M' : 
Xg ([-/V]) Xh ((g) h) K which by the previous intermediate result, -^ aU/ 3-reduces 
to (M') N : K. D 

The following lemmas and its corollary state that the (:) operation preserves 
reduction. 

Lemma 5. If M-> t N then VK base term, M : K^* a N : K. 

Proof. Induction on the possible rule applied from M—^eN. We give one simple 
case as an example. Let a.(M + N) -^ a.M + a.N. Then a.(M + N) : K = 
a.(M :K + N:K)^ a a.(M : K) + a.(N : K) = a.M + a.N : K. U 

Lemma 6. If M^ iufj N then MK base term, M : K^* U/3 N : K. 

Proof. If M—^gN, then use Lemma 5. If M—>/s v N, then we prove it by induction 
on the possible rule applied (either f3 v , £a«„ ot °nc of £). We give the case of 
the /^-reduction as an example: (Xx M) B : K = B : Xf ((V(Xx M)) f) K = 
(Xf((<P(Xx M)) f) K) &(B), /3„-rcducing to the term ((W(XxM))^(B))K = 
((Xx \M\) 9(B)) K which /3„-reduces to \M\[x := &(B)] K, equal by Lemma 3 
to \M[x := B}] K. By Lemma 4, it ->-* u/3 -reduces to M[x := B]:K. D 
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Corollary 3. If M^J U0 N then \/K base terms, M : K-t= u *pN : K. 

Proof. By case distinction. If M—>e u pN, then by Lemma 6, M : K^* uj3 N : K, 
which implies M : K^=^ fj N : K. If N^ e M, then by Lemma 5, N : K-^* a M : K, 
which also implies M : K^=* fj N : K. □ 

Finally, the (:) operation also captures the translation of values in the fol- 
lowing way: 

Lemma 7. For any value V, V : Xxx—¥* u g\lf(y) 

Proof. We proceed by structural induction on V. Let Vbea base term. Then 
V: Xxx = [Xx x)^(V)^- aUB ^(V). Let V = V 1 +V 2 . Then V : Xxx = V Y : Xxx + 
Vi : Xxx, which by the induction hypothesis, reduces to &(Vi) + X P(V2) = &(V). 
Let V — a.V. Then V : Xxx = a.(V : Xxx), which by the induction hypothesis, 
reduces to a&(V) = &(V). Let V = 0. Then V : Xxx = = &(V). D 

Example 3. We discuss Example 1 in the light of these results. The term (*) 
is equal to the terms (copy) (U + V) : Xz.z and ((copy) U + (copy) V) : Xz.z. 
The term (**) is equal to the term ((U,U) + (V, V)) : Xz.z which reduces to 
&({U, U) + (V, V)). So we do have the rewrites requested by Lemmas 4, 6 and 7. 

Now the proofs of Theorems 6 and 7 go as follows. 

Proof (Proof of Theorem 6). From Lemma 4, ([M]) Xxx— >* U »M : Xxx and from 



Lemma 6, it — >*ya-reduces to V : Xxx. From Lemma 7, V : Xxx-+* uB \P{V). □ 



Proof (Proof of Theorem 7). From Lemma 4, ([M]) Xxx— >* v aM : Xxx, and 
this implies that (JM]) Xxx— ^JaM : Xxx. From Corollary 3, this latter term 
— >„ijfl- reduces to V : Xxx. From Lemma 7, V : \xx—¥* u g\P(V), which implies 
that V : \xx->= u *p\P(V). Note that since ([M]) Xxx G S a , M : Xxx is also in 
Si due to the closeness under — >•= of S a . The same applies to M : Xxx, thus also 
to V : Xxx and finally to \P(V). D 



4.3 Call-by-value simulates call-by-name 

The simulation of X^ with Xj* n . To state that X lin simulates X al , we use an al- 
gebraic extension of the continuation passing style encoding following again [18]. 
Let {|-|} : A^, — > X^ n be the following encoding where f,g and h are fresh 
variables. 

M=*. |0hA/(0)/, 

{XxM}= Xf(f) Xx^Ml fl(M) N}= Xf(m) A<? ((g) {N}) /> 

l«-M}= A/ (a.flMfr) /, flM + 7VH A/ (flM^ + fliV}) /• 

This encoding satisfies two useful properties (the first is a trivial result and the 
second follows by induction on M). 
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Lemma 8. For all terms M , the term \M\ is a base term. □ 

Lemma 9. §M[x := N]$ = {|M[}[a; := §N$]. D 

Let <P be the encoding for values defined by <P(x) — (x) Xy y, <?(0) = 0, <P(Xx M) = 
Xx\M§, $(a.V) = a.$(V), <P(V + W) = <P(V) + <P(W). Simulation theorems, 
similar to Theorems 6 and 7, can be stated as follows. 

Theorem 8 (Simulation). For any program M (i.e. closed term), if M^* UI3 V 
where V is a value, then ({|M[j-) Am->* u »$(7). 

Theorem 9 (Simulation). For any two fragments S a of \~ t and St of XJ in 

such that VM e S a , (§Mfy) An £ Si, and for any program M in S a , if 
M^= u *gV where V is a value, then ({|M[j-) \x x->J v g<I>(V) . 

A result similar to Corollary 2 can also be formulated. It is proven in a similar 
manner. 

Corollary 4 (Indifference). (1) For any program M , if M— >* u aV where V is 
a value, then ({|M[j-) Xx x^-* u/3 <P(V); (2) For any fragment S of X~ al such that 
VM 6 S, ({|M|}) Xx x £ S , and for any program M in S, if M—i^JgV where V 
is a value, then ({|M|}) Xx x->= v *p@(V) . D 

Before moving to the description of the proof of Theorems 8 and 9, let us 
consider an example. 

Example 4- Wc illustrate Theorem 8 using the term (copy) (U + V) of Example 1 
which reduces to (U, U) + (V, V) in X^ n and to (U + V, U + V) in X^ lg . The trans- 
lation {](copy) (U + V)i is the term Xf (-flcopyj) Xg ((g) {U + V$) /, where ^copyj 

]sXf(f)Xx{(x,x)l{(M,N)}]sXf(f)^(M,N)),{U+V}isXf(m+{V})f 
and {|E/|} is Xg (g) $(U) We now rewrite N = (K c °Py) (U + V)$) Xz z in X^ lg . 

N ^ iu/3 (^copyj) Xg ((g) {U + V})Xzz 

= (\f(f)\x{(x,x)})\g((g){U + Vb)\zz 
-Hup(\9((g)W + V})\zz)\x{(x,x)} 
-+tup((Xx{(x,x)}){U + V})\zz (***) 

(Lemma 8) -^ £U/ 3 ({ (x, x) }[a; := {U + V$}) Xz z 

(Lemma 9)= (j (U + V, U + V)$) Xz z 

-^ £U/ 3 (Xz z) ${{U + V, U + V)) (****) 

Proof of the simulation theorems. In Section 4.2, the proofs of the simulations 
theorems were performed using an administrative operation ":" and three inter- 
mediate results, as follows (the term K is taken as a base term). (1) Prove that 
(\M\)K^* aUfj M : K; (2) prove that if M-^ iup N then M : K^* ayjp N : K; (3) 
prove that if V is a value, V : \x.x—}* u g\P(V). For the simulation theorems of 
the present section, we use a similar procedure. 
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An administrative operation. We keep the same notation for the administrative, 
infix operation defined for the purpose of the proof. 

Definition 6. Let (:) : A\ , x A\ u — > A\ u be the infix binary operation defined 
by: 0:K = (0)N:K = 



B:K=(K) <P(B) 
a.M :K = a.(M : K) 

M + N :K = M : K + N : K 



(B)N:K=((4>(B)) {N})K 
(a.M) N : K = a.(M) N : K 
(M + N) L: K = ((M) L + (N) L) : K 
((M) N)L:K = (M) N:X f ((f) $L}) K 



The three lemmas needed for the proof of the simulation theorems now read 
as follow. 

Lemma 10. If K is a base term, for any closed term M ({|M|}) X— s-| u/3 M : K . 

Proof. The proof is done by structural induction on M. We follow the sketch 
of the proof of Lemma 4, and give the case M = (M 1 ) N, as an example. First 
we prove by induction on M that M : Xg ((g) |JVf) K^ U/3 (M) N : K. Then 
(KM') JVfr) K = (Xf(iM'ff) Xg((g) fliVfr) /) K^^(W\) Xg ((g) flJVfr) K. 
Note that Xg ((g) |iV|}) K is a base term, so by the induction hypothesis the 
above term reduces to M' : Xg ((g) §Nff) K which by the previous intermediate 
result, ->£ U/3 -reduces to (M 1 ) N : K. D 

Lemma 11. If M-+ aU pN then MK base term, M : K^* u pN : K 

Proof. Case by case on the rules of A^„ • We give the case of the /3„-reduction 
as an example: (Xx M) N : K = (($(Xx M)) §N$) K = ((Ax {|JW|) flJV|) K 
which by Lemma 8, — s^u^-reduces to ({]M|}[x := -jA^])^ This, by Lemma 9, 
is equal to ({|M[x := N]\) K and this, by Lemma 10, -^* U/3 -reduces to M[x := 
N] : K. Note that in the previous derivation, the reduction (Ax \M§) | N§ -^eup 
{|M[}[x := {|iV|}] is valid since for any term N, |AT|} is a base term. D 

Lemma 12. IfV is a value and K is a base term, V : \x X—}* u g$(V) . □ 

Example 5. We discuss Example 4 in the light of these results. The term (***) 
is equal to the terms (copy) (U + V) : Xz.z. The term (****) is equal to the term 
(U + V, U + V) : Xz.z which reduces to <P({U + V,U + V)). Again, we have the 
rewrites requested by Lemmas 10, 11 and 12. 

We are now ready to prove the simulation theorems. As advertised, these 
proofs reflect the exact same structures of the proofs of Theorems 6 and 7. 

Proof (Theorem 8). From Lemma 10, ({|M|}-) Axx— >* U/3 M: Axx, from Lemma 11 
it -^| u/3 -reduces to V : Axx. From Lemma 12, V : Axx— >* u/3 4>(V). D 



Proof (Theorem 9). From Lemma 10, ({]M[}) Asi->* ufi M : Axx, and this im- 



plies that (-JAf(}) Axx— >jJgM : Axx. A result equivalent to Corollary 3 can 
be shown as easily: if M—t^N then for all base terms K, M : K—>J*N : 
K. This entails that M : Axx — ^5-reduces to V : Axx. From Lemma 12, 
V : Xxx^* uj3 <P(V), which implies that V : Axx— >eJp$(V). Note that since 
(HMJ) Axx G St, M : Axx is also in St due to the closeness under — >J of St. 
The same applies to M : Axx, thus also to V : Axx and finally to &(V). □ 
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4.4 The remaining simulations 

In Figure 2, some arrows are missing. We are now showing that the already 
existing arrows "compose" well. The first two simulations are A a; — > XJ in and 
X lin — » X~, and do not require confluence. 

Theorem 10. For any program M, if M— >* u aV (resp. M~>* u/:s V) where V is 
a value, then ([M]) Xxx^= u *^(V) (resp. ({|M|}) \xx->J [ jp${V)). 

Proof. Given that M->* up V, by Theorem 6, ([M]) \xx-*Z u/} &(V), which by 
Theorem 2 implies ([M]) Xxx^= u * ^(V). Analogously, given that M^* ufj V, by 
Theorem 8, (-{]M[}) Xx x -^•* u «<?(V r ), which by Theorem 3 implies that ({|iW|) Axx 

The other two simulations are A~ ; — >• A Kn and A^ n — > A a/ and they do 
require confluence. 

Theorem 11. For any program M in a confluent fragment of X hn (resp. X~~ al ), 
ifM^-jJ^V (respectively M->= u *pV) then ([M]) Xxx-^* U ^(V) with V->J*V 
(respectively (-flMfl-) Xxx^ up $(V) with V^=*V). 

Proof. Given that M—^jJoV and that M is in a confluent fragment, Theo- 
rem 4 states that M^-* u oV' with V— >J*V . In addition, Theorem 6 states that 
([M]) Xx x^* ul3 <F(V'). The other result is similar using Theorems 5 and 8. □ 



5 Conclusion and perspectives 

In this paper we described four canonical algebraic lambda-calculi with vectorial 
structures, recapitulating the few existing means of writing such a language. We 
show how each language can simulate the other, by taking care of marking where 
confluence is used or not. 

As already shown by Plotkin [18], if the simulation of call-by- value by call- 
by-name is sound, it fails to be complete for general (possibly non-terminating) 
programs. A known solution to this problem is developed in [19]. Recent work 
[1] shown that the technique can be adapted to the algebraic case to retrieve 
completeness. The work [19] develop a Galois connection between call-by-name 
and call-by-value. A direction for study is to build on this work to also get a 
Galois connection in the algebraic case. 

Concerning semantics, the algebraic A-calculus admits finiteness spaces as 
a model [12,13]. What is the structure of the model of the linear algebraic 
A-calculus induced by the continuation-passing style translation in finiteness 
spaces? The algebraic lambda-calculus can be equipped with a differential oper- 
ator. What is the corresponding operator in call-by-value through the transla- 
tion? 
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A Omitted proofs 

A.l Proof of Lemma 2 

Proof. 

— If M — > N and M — > TV', using only algebraic rules, then this has been 
already proven in Lemma 1. 

— If M — > N and M —} N', using only beta-reduction, this is a trivial extension 
of the confluence of lambda calculus. 

— If M — > N by an algebraic rule and M — > TV' by beta reduction, then in 
A^ n a term of the form (Ax M') B has to be a subterm of M, since M 
beta-reduces. Note that M' cannot reduce since it is under a lambda and 
B cannot reduce since it is a base term. Then the beta-reduction and the 
algebraic-reduction are independent in A lin , and so this result is trivial. In 
■Kiln a term of the form (Ax M') N has to be a subterm of M. Note that 
M' cannot reduce since it is under a lambda and N cannot reduce since it 
is an argument. Then again the beta-reduction and the algebraic- reduction 
are independent in A al , and so this result is trivial. 

A. 2 Proof of Lemma 3 

Proof. Structural induction on M. 

— M — x. Cases: 

• B = y. Then M[x := B] = y, and so [M[x := B\\ = Af (/) y = 
Af(f) x[y/x) = lMl[x:=V(B)]. 

• B = AyN. Then {M[x := B]\ = Af (/) Ay {N\ = Af (/) x[Ay \ 
[M\[xi=$(B)]. 

— M = y. Then \M[x := B\\ = \M\[x := <P(B)} -- 

— M — 0. Analogous to previous case. 

— M = Ay N. Then 

l(\yN)[x:=B]] = [\y(N[xi=B])] 

= Af (f) Ay {N[x := B]\ 

by the induction hypothesis 
= A/(/) \y{N\[x:=9(B)] 
= (Af(f) \y[N\)[x:=#{B)\ 
= lM}[x:=*(B)\ 

— M = (TVi) N 2 . Then 

{M[x:=B]\ = l((N 1 )N 2 )[x:=b]\ 

= {{N 1 [x:=B])N 2 [x:=B]\ 

= Af ({N^x := B]\) Ag ({N 2 [x := B}}) Ah ((g) h) f 
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by the induction hypothesis 
= \f([N 1 ][x:=#(B)]) Xg(lN 2 j[x:=9(B)}) ^((g) h) f 
= XfdNij) Xg{[N 2 }) Xh((g) h) f[x := 9(B)] 
= {(N 1 )N 2 \[x:=9(B)\ 
= {M\[x:=9(B)} 



- M = a.N. Then 



[M[x:=B}l = l(a.N)[x:=B}l 
= [a.(N[x := £?])] 
= \f(a.[N[x:=B]]f) 

by the induction hypothesis 

= \f(a.lN][x:=9(B)]f) 
= (\f(a.{N}f)){x:=9(B)} 

= [a.N][x:=$(B)] 
= [M][s:=#(B)] 



- M = Ni + N 2 . Then 

lM[x:=B}] = l(N 1 +N 2 )[x:=B}] 

= lN 1 [x:=B]+N 2 [x:=B]j 

= \.f((lN 1 [x:=B}j + lN 2 [x:=B]j)f) 

by the induction hypothesis 
= \f (({N,] [x := 9(B)] + [N 2 ] [x := 9(B)]) f) 
= (\f((lN 1 j + lN 2 l)f))[x:=9(B)] 
= [N 1 +N 2 ][x:=$(B)] 
= lMj[x:=9(B)} 

A. 3 Proof of Lemma 4 

Proof. Structural induction on M. 

- M = x. Then ([x]) K = (A/ (/) x) K^ aU p(K) x = x:K. 

- M = XxN. Then ([Ax A/]) k = (A/ (/) \x [N]) K and by definition of 9 
this is equal to (A/ (/) 9(XxN)) K^ aU p(K) 9(XxN) = Xx N :K. 

- M = 0. Then ([0]) K = (0) K^ aUfj = 0:K. 

- M = M' + N. Then (\M' + Nj) K = (A/ ([M'| + [AT]) /) K which ^ aU/3 - 
reduces to (\M'\ + {Nj) K^ aU p([M']) K + (\N\) K which -> aU/ ,-reduces 
by the induction hypothesis to M' : K + N : K = M' + N : K. 

- M = a.N. Then ([a.A/]) K = (A/ (a. [AT]) /) A^ aU/3 (a.[Al) AT which 
— > aU/ g-reduces to a. ([AT]) K) and this, by the induction hypothesis, — > a \jfj- 
reduces to a.(N : K) — a.N : K. 
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- M = (M') TV. Then (J(M') TV]) X = (A/([M']) A3 ([TV]) Aft ((3) ft) /) if 
which -> aU/3 -reduces to (\M'\) A3 ([TV]) Xh((g) ft) X. Notice that the term 
Xg ([AT]) Aft ((3) ft) if is a value, so by the induction hypothesis the above 
term reduces to M' : Xg ([TV]) Aft ((g) ft) if. We do a second induction, over 
M', to prove that M' : Xg ([iV]) Aft ((g) ft) K-> aUf) (M') TV : if. 

• If M' = (Mi) M 2 , then M' : A3 ([TV]) Aft ((g) ft) if = ((Mi) M 2 ) iV : 
if = (M') TV : if . 

• If M' is a base term, then M' : A3 ([TV]) Aft ((g) ft) if is equal to 
(A.g([/V]) Aft ((g) ft) if) &(M')^ aU0 (lN]) Xh((*(M')) ft) if which by 
the main induction hypothesis -4 aU/ 3-reduces to TV : Aft (('P(M')) ft) if, 
and this is equal to (M') TV : if . 

• If M' = a. Mi, then the term M' : A3 ([TV]) Aft ((g) ft) if is equal to 
a.Mi : A3 ([TV]) Aft ((3) ft) if = a. (Mi : A3 ([TV]) Aft ((3) ft) if) which 
by the second induction hypothesis — > aU/ 3-reduces to a. ((Mi) TV : if) = 
(a.Mi) TV: if = (AT) TV : if . 

• If M' = Mi + M 2 , then M' : A3 ([TV]) Aft ((3) ft) if = Mi + M 2 : 
A3 ([TV]) Aft ((g) ft) if which is equal to Mi : A3 ([TV]) Aft ((g) ft) if + 
M 2 : A3 ([TV]) Aft ((g) ft) if which — s- aU/ g-reduces by the second induction 
hypothesis to (Mi) TV : if + (M 2 ) TV : if = (Mj +M 2 ) TV : if = (M 1 ) TV : 
if. 

• If M' = then M : Xg ([TV]) Aft ((g) ft) if = : A3 ([TV]) Aft ((g) ft) if = 
= (0) TV : if = (M 1 ) TV : if 

A. 4 Proof of Lemma 5 

Proof. Case by case on the rules —¥(,. 

Rules A r 

- (B) (M + N)-*e(B) M + (B) TV, with B being a base term. Then 
(B) (M + N) : K = M + TV : Xf ((&(B)) f) K = M : Xf ((&(B)) f) K + 
TV : Xf ((W(B)) f) K = (B) M : K + (B) N : if = (B) M + (B) TV : if. 

- (B) a.M^ia.(B) M, with 5 base term. Then (B) a.M : K = ot.M : 
Xf((*(B)) f) K = a.(M : Xf ((*(B)) f) K) - a.((B) M : if) = 
a.(B) M : if. 

- (B) 0^0, with B a base term. Then (B) : if = : Xf ((&(B)) f) K = 
= : if . 

Rules Ai 

- (M + N) V->t(M) V + (TV) V, with F being a value. Then (M + TV) F : 
if = (M) V + (TV) V : K . 

- (a.M) V^ e a.(M) V), with V being a value. Then (a.M) V : K = 
a.(M) V :K. 

- (0) V^iO, with V a value. Then (0) V : K = = : if . 
Rules F and S 

- a.(M + N)^ e a.M + a.N. Then a.(M + TV) : if = <x(M : if + TV : 
if)-)- a.(M : if) + a. (TV : if) = a.M + a.N : if. 

- a.M + p.M->t(a + /3).M. Then a.M + /3.M : if = a.(M : if) + f3.(M : 
K)^ a (a + H).(M :K) = (a + fi).M : if. 
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- a.M + M-^(a + 1).M. Then a.M + M : if = a.M : if + M : K = 
a.(M : if) + M : K-> a (a + 1).(M : if) = (a + 1).M : if. 

- M + M-^(1 + 1).M. Then M + M : K = M : K + M : K-> a (l + l).(M : 
if) = (1 + 1).M :K. 

- + M-*tM. Then + M : if = (0 : if) + (M : if) = + (M : K)^ a M : 
if. 

- a.{(3.M)^ e {al3).M. Then a.{/3.M) : K = a.((3.M : if) = a.(/3.(M : if)) 
which -> a -reduces to (a/3).(M : if) = (a(3).M : if. 

- l.M-^M. Then l.M : K = l.(M : K)^ a M : if. 

- O.M-^0. Then 0.M : if = 0.(M : if)-> a = : if . 

- a.0^ £ 0. Then a.O : if = a.(0 : if) = a.0^ a = : if . 
Rules Asso and Com 

- M+(N + L)->e(M + N) + L. Then M-\ 
K) = M : K + (N : K + L: K)-> a (M 
if + L : K = (M + N) + L : if . 

- M + N^ e N + M. Then M + N : K = M : K + N : K^ a N : K + M : 
K = N + M : K. 

Rules £ and ^a,„ Assume M—tiM', and assume that for all if base term, M : 
if — ^*M' : if. We show that the result also holds for each contextual rule. 

- M + A-^M' + N. Then M + A : K = M : K + N : if->-*M' : if + A : 
if = M' + A :K. 

- N + M—>gN + M', analogous to previous case. 

- a.M->ea.M'. Then a.M : K = a.(M : K)^* a a.(M' : if) = a.M' : if. 

- (V) M-^(V) M'. Case by case: 

• V = B. Then (B) M : if = M : Xf ((&(B)) f) K which -^-reduces 
by the induction hypothesis to M' : Xf {{&{B)) f) K = (B) M' : if. 

• V = {). Then (0) M : K = = (0) M' : if. 

• V = a.W. Then (a.W) M : if = a.(W) M : if = a.((W) M : if) 
which — > a -reduces by the induction hypothesis to a.((W) M' : if) = 
a.(W) M' : if = (a.VK) M' : if. 

• y = Vi + V2. Then (Vi + V2) M : if = (Vl) M + (V 2 ) M : if = 
(Vi) M : if + (V2) M : if which ^ a -rcduces by the induction hy- 
pothesis to (Vi) M' : if + (V2) M' : if = (Fl) M' + (V2) M' : if = 
(Vi + y 2 ) M' : if. 

- (M) N^i(M') N Case by case: 

• M — B. Absurd since a base term cannot reduce. 

• M = a. Mi. Case by case on the possible — ^-reductions of M: 

* M ' = a.M[ with M 1 ^ e M' 1 . Then (a.Mi) N : K = a. (Mi) A^ : 
if = a. ((Mi) A^ : if) which by the induction hypothesis — > a - 
rcduces to a.((M{) N : K) = a.{M[) N : K = (a.M{) TV : if. 

* M = a.(/3.M 3 ) and M' = (a/3).M 3 . Then (a.(/3.M 3 )) N : K = 
a.(/3.((M 3 ) A^ : if))^ a (a/3).((M 3 ) AT : if ) = ((a/3).M 3 ) A^ : if. 

* M = a.{Li+L 2 ) and M' = a.Li+a.L 2 . Then {a.{L 1 +L2)) N : 
K = a.((Li) A^ : if + (L 2 ) A : if)^ a a.((Li) A : if ) + 
a.((i 2 ) A : if ) = (a.Li + a.L2) A" : if. 
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* a = 1 and M' = M x . Then (l.Mi) N : K = l.((Mi) AT : 
K)^ a (M x ) N : K. 

* a = and M' = 0. Then (O.Mi) N : K = 0.((Mi) iV : AT)^ a O = 
(0) AT : AT. 

* Mi = and M' = 0. Then (a.O) N : K = a.((0) N : K) = 
a.0^ a = (0) AT : AT. 

M = Mi + M2. Case by case on the possible —^-reductions of M: 

* M' = M{ + M 2 with Mi-^M{. Then (Mi + M 2 ) N : K = 
(Mi) AT : AT + (M 2 ) AT : AT which by the induction hypothesis 
-^-reduces to (M[) N : K + (M 2 ) AT : K = (M{ + M 2 ) AT : AT. 

* M' = Mi + M 2 with M 2 ^tM 2 . Analogous to previous case. 

* M 2 = L-i + L 2 and M' = (Mi + L x ) + L 2 . Then (Mi + (£1 + 
A 2 )) N : K = (Mi) AT : AT + ((la) AT : K + (A 2 ) AT : K) and 
this -^-reduces to ((Mi) N : K + (Ai) N : K) + (L 2 ) N : K = 
((Mi+Ai)+A 2 ) N :K. 

* Mi = Li + A 2 and M' = L\ + (A 2 + M 2 ). Analogous to previous 
case. 

* M' = M 2 +Mi. Then (Mi+M 2 ) N : K = (Mi) AT : AT+(M 2 ) AT : 
K^ a (M 2 ) N :K + (Mi) AT : AT = (M 2 + Mi) N : K. 

* Mi = a.M 3 , M 2 = /3.M 3 and M' = (a + /3).M 3 . Then (a.M 3 + 
/3.M 3 ) N : K = a.((M 3 ) JV : A') + /3.((M 3 ) A^ : #)-►„(<* + 
/3).((M 3 ) A^ : Af) = ((a + /3).M 3 ) AT : Af. 

* Mi = a.M 3 , M 2 = M 3 and M' = (a + 1).M 3 . Analogous to 
previous case. 

* Mi = M 2 and M' = (1 + l).Mi. Analogous to previous case. 
M = 0. Absurd since does not reduce. 

M = (Mi) M 2 . Then the term ((Mi) M 2 ) N : K is equal to 
(Mi) M 2 : Ag ([A/]) Aft ((g) ft) AT, which by the induction hypothesis 
— > a -reduces to M' : Xg ([AT]) Aft ((5) ft) AT. We do a second induction, 
over M', to prove that M' : Xg ([AT]) Aft ((g) ft) Jf-y (M' ) AT : K. 

* If M' = (M{) M£, then M' : Xg ([A/]) Aft ((5) ft) A" is equal to 
((M{) M' 2 ) N :K = (M') AT : AT. 

* M' cannot be a base term since from (Mi ) M 2 it is not possible 
to arrive to a base term using only — >£. 

* If M' = a.M{, then M' : Ag([A?]) Aft ((g) ft) K = a.M{ : 
A 5 ([AT]) Aft ((. 9 ) ft) A- = a.(M{ : Ag([iV]) Aft ((g) ft) AT) which 
— > a -rcduces by the induction hypothesis to a.((M{) N : K) = 
(a.M[) N : K = (W) N : K. 

* If M' = M[ + M' 2 , then the term M' : Xg ({Nj) Aft ((g) ft) K 
is equal to M[ + M 2 : Xg ({Nj) Aft ((g) ft) K which is equal 
to M[ : Xg({Nj) Aft ((g) ft) AT + M^ : Ag([iV]) Aft ((g) ft) K 
which — > a -reduces by the induction hypothesis to (M[) N : K + 
(M£) N : K = (M[ + M£) N : K = (M') AT : AT. 

* If M' = then M' : Xg({N\) Aft ((g) ft) AT is equal to : 
Ag ([AT]) Aft ((g) ft) K = = (0) N : K = (M 1 ) N : K 
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A. 5 Proof of Lemma 6 

Proof. Case by case on the rules of Xu n . 
Rule j3 v 

(Xx M) B:K = B: Xf ((&(\x M)) f) K 

= {Xf{{*{XxM))f)K)*{B) 

-►/}„ {{${XxM))${B))K 

= {{Xx{M\)*{B))K 

(Lemma 3) = [M[x := B)\K 
(Lemma 4) -^* U/3 M[x := B] : K 

Algebraic rules If M-+gN, then by Lemma 5 M : A— >* A : K which implies 

that M : K^l up N : K. 
Rules £ and £\ lin If M—y^M', then we use Lemma 5 to close the case. Assume 

M^p v M', and assume that for all K base term, M : K^* uf3 M' : K. We 

show that the result also holds for each contextual rule. 

- M + JV-^M' + N. Then M + N : K = M : K + N : K^* uf3 M' : 
K + N :K = M' + A : K. 

- N + M—^0 v N + M', analogous to previous case. 

- a.M-^^a.M'. Then a.M : K = a.(M : K)^-* u0 a.(M' : K) = a.M 1 : 
K. 

- (V) M^pjV) M'. Case by case: 

• V = B. Then (B) M : K = M : Xf {{&{B)) f) K which -+ aU p- 
reduces by the induction hypothesis to M' : Xf ((^(B)) f) K = 
(B) M' : K. 

• V = 0. Then (0) M : K = = (0) M' : K. 

• V = a.W. Then (a.W) M : K = a.(W) M : K = a.((W) M : K) 
which — > aU/ g-rcduces by the induction hypothesis to a.((W) M' : 
K) = a.(W) M' : K = (a.W) M' : K. 

• V = Vi + V 2 . Then (Vi + V 2 ) M : K = (Vi) M + (V 2 ) M : K = 
(Vi) M : K + (V 2 ) M : K which — > aU/ g-reduces by the induction 
hypothesis to (Vi) M' : K+ (V 2 ) M' : K = (Vi) M' + (V 2 ) M' : K = 
(Vi + V 2 ) M' : K. 

- (M) N^p v (M') A Case by case: 

• M — B. Absurd since a base term cannot reduce. 

• M = a. Mi. The only possible —>p v -reduction from M is M' — 
a.M[ with Mi->^M{. Then (a.AfJ N : K = a.(Mi) N : K = 
a. ((Mi) N : K) which by the induction hypothesis — > aU ^-reduces to 
a.((Mi) N :K) = a.(M[) N : K = (a.M[) N : K. 

• M = Mi + M 2 . Case by case on the possible —tp v -reductions of M: 

* M' = M[ + M 2 with Mi-+p v M[. Then (m\ + M 2 ) N : K = 
(Mi) N : K + (M 2 ) A^ : K which by the induction hypothesis 
^ a u/3-reduccs to (M[) N : K + (M 2 ) N : K = (M[+M 2 ) N : K. 
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* M' = Mi + M 2 with M 2 — \$ v M! 1 . Analogous to previous case. 

• M = 0. Absurd since does not reduce. 

• M = (Mi) M 2 . Then the term ((Mi) M 2 ) A : A is equal to 
(Mi) M 2 : A.g([A]) Aft ((5) ft) A, which -^ aU/3 -reduces, by the in- 
duction hypothesis, to M' : Xg ([A]) Aft ((g) h) K. We do a second 
induction, over M', to prove that M' : Xg ([A]) Aft ((g) ft) K -> a up- 
rcduces to (M') A : A. 

* If M' = (M[) M^ then M' : Xg ([A]) Aft ((g) h) A is equal to 
((M[) M' 2 ) A : K = (M') A : A. 

* If M' is a base term, then the term M' : Xg ([A]) Aft ((g) ft) A 
is equal to (Xg (\N\) Aft ((g) ft) A) &(M') which -^ aU/3 -reduces 
to ([A]) Xh((&(M')) ft) A which, by Lemma 4, -^ aU/3 -rcduccs 
A : Aft (OP-(M')) ft) A = (M') A : A. 

* If M' = a.M{, then M' : A.g([A]) Aft {{g) h) K = a.M[ : 
Xg([N\) Xh((g) h)K = a.(M[ : \g{[N\) Xh((g) ft) K) which 
—>au^- r educes by the induction hypothesis to a.((M[) A : K) = 
(a.M[) A : K = (M 1 ) A : A. 

* If M' = M[ + M^ then the term M' : A 3 ([A]) Aft ((g) ft) A 
is equal to M{ + M' 2 : Xg(\N\) Xh((g) ft) K which is equal 
to M[ : A 3 ([A]) Xh((g) ft) K + M 2 : A.g([A]) Xh((g) ft) K 
which — > aU/ g-reduces by the induction hypothesis to (M[) A : 
A + (Af£) A : A = (M[ + M£ A : A = (AT) A : A. 

* If M' = then M' : Xg(\N\) Xh((g) ft) A is equal to : 
Xg ([A]) Aft ((g) ft) A = = (0) A : A = (AT) A : A 

A. 6 Proof of Lemma 9 

Proof. Structural induction on M. 

- M = x. Then -^[x := N]$ = ^ = x[x := $N$] = |4[x := {]A|]. 

- M = y. Then fly [3 := N}$ = y = {y^[x := fliVfr]. 

- M = 0. Analogous to previous case. 

- M = XyM'. Then 

«AyM')[x := A]fr = flAj/(M'[a: := A])J 

= A/(/) A^M'[x:=A]^ 

by the induction hypothesis 
= A/(/) Ay|M'}[ i: HiV|] 
= (A/(/) A2/^Ml)[x:=^Aj] 

= {M}[x:=m] 

- M = (Ai) A 2 . Then 

|M[ar:=A]^ = -a((A 1 )A 2 )[ a; :=A]fr 

= |(iVi[ a ::=iV])iV 2 [ 3 ;:=JV]| 



2.1. 



= Xfdmlx := N]$) Xg((g) $N 2 [x := N}$) f 

by the induction hypothesis 
= Xf({N4[x := flJV}]) A. 9 ((g) |iV 2 J[x := {Nj}) f 

= {Xf{{N^)\g{{g)\N^)f)\x:=m\ 
= fl(JVx) JV^s := fliVfr] 



M = a.M'. Then 



4M[s:=J\WHMO[s:=JV]fr 
= {a.(M'[x := N])b 

= \f {a4M'[x := N\m) f 

by the induction hypothesis 

= \f (a4M'}[x := {N}]) f 

= Xf (a.iM%) f{x := m] 



- M = N X + N 2 . Then 

^M[x := 7V]J = 4(JVi + 7V 2 )[x := JV]|> 

= {iVi[x := JV] + iV 2 [a; := JV]} 

= \f ({N& := N}$ + $N 2 [x := N]b) f 
by the induction hypothesis 

= Xf ({N4[x := W] + {N 2 }[x := W]) / 

= A/((WKW)/[*:=W] 

= 4#i + ^H* == W] 

A. 7 Proof of Lemma 10 

Proof. Structural induction on M. 

- M = XxN. Then (JAx A^) If = (\f (/) Ax -flAT}) X and by definition of <f> 
this is equal to (Xf (/) $(Xx N)) if^ U/3 (if) <P(Xx N) = XxN : K. 

- M = 0. Then (flO}) if = (A/ (0) /) K-^u P (0) K-^ufiO = : if . 

- M = M' + N. Then ({M' + iV|» if = (Xf (flM'|> + W) /) #->/u/j(W + 
{|Ar|}) if which — ^u^-reduces by the induction hypothesis to M' : K + N : 
K = M' + N : if. 

- M = a.TV. Then (JaJVl) if = (A/(a.{]A^) /) if-^uM^-W) if which 
— >£u£- r educes to a.(||Ar|}) if) and this, by the induction hypothesis, — >«u/3- 
reduces to a. (N : if) = a. N : if. 
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- M = (M>) N. Then (fl(M') A^) X = (A/ ({M'fr) A.g ((g) fliVfr) /) if which 
-►^-reduces to (§MJ) Xg ((g) flA|) X. Note that Ag((g) fliV|}-) if is 
a value, so by the induction hypothesis the above term reduces to M' : 
^9 ((9) H^B') K- We do a second induction, over M', to prove that M' : 
\g((g)m)K^(M<)N:K. 

• If M' = (Mi) M 2 , then M' : Xg ((g) {|A|) K = ((Mi) M 2 ) N : K = 
(M 1 ) N : if. 

• If M' is a base term, M' : Xg ((g) {|iV|}) if = (A.g ((g) {|iV|}) if) <2>(M') 
which ^ £U/ 3-reduces to ((#(M')) {|A^) if = (M') AT : if. 

• If M' = a.Mi, then a.Mi : Ag ((g) fliVfr) if - a.(Mi : Ag ((g) ^) if) 
which — ^lu^-reduces by the induction hypothesis to a. ((Mi) N : if) = 
(a. Mi) N : K = (M 1 ) N : if. 

• If M' = Mi+M 2 , then M' : Ag ((g) {JA|) if = Mi+M 2 : Ag ((g) {jA|) if 
which is equal to M x : Xg ((g) {|A?|) K + M 2 : Ag ((g) \N$) K which 
—t* u g -reduces by the induction hypothesis to (Mi) N : if + (M2) A~ : 
if = (Mi + M 2 ) iV : if = (M') N : if. 

• If M' = then M' : Ag ((g) {|A?|) if = : Ag ((g) {|A|) if = = (0) iV : 
if = (M') iV : if 

A. 8 Proof of Lemma 11 

Proof. Case by case on the rules of X a i Q . 

Rule j3 v 

(Xx M) N :K = (($(Xx M)) \N\) if 
= ((Ax ({M})) m) K 
(since {|AT|} is a base term) -^ £U/ 3 flM|}[a; := (-JiVf)] if 
(Lemma 9) = -jM[x := JV]|J- if 
(Lemma 10) -^* U/3 M[x := iV] : if 

Rules A - Let (M + AT) L^ aUfj (M) L + (N) L. (M + N) L : K = ((M) L + 
(N) L) : if. 

- Let (a.M) N^ aUfj a.(M) N. (a.M) N : K = a.(M) N : K 

- Let (0) iV-> oU /}0. (0) N : K = = : if 
Rules F and S 

- a.(M + N)^ aUfj a.M + a.N. Then a.(M + N) : K = a.(M : K + N : 
K)^ eu pa.(M : K ) + a.(N : K ) = a.M + a.N : if. 

- a.M+/3.M-^ aU 0(a + /3).M. Then a.M + fl.M : K = a.(M : if)+/3.(M : 
K)->tup(a + P)-(M :K) = (a + /3).M : if. 

- a.M + M^ aup (a + 1).M. Then a.M + M : K = a.M : K + M : if = 
a.(M : if ) + M : K^ eup (a + 1).(M : if ) = (a + 1).M : if. 

- M + M^ QU/3 (1 + 1).M. Then M + M:if = M:if + M: if-^uM 1 + 
1).(M : if) = (1 + 1).M: if. 

- + M->- aU/3 M. Then + M : if = (0 : if ) + (M : if ) = + (M : 
K)-^eu P M : if. 
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- a.(P.M)-> aUI }(aP).M. Then a.(/3.M) : A = a.(/3.M : A) = a.(/3.(M 
if)) which -^y^-reduces to (a/3).(M : A) = (a(3).M : K. 

- l.M-> aU/3 M. Then l.M : if = l.(M : K)^ eufs M : K. 

- O.M-> aU/ gO. Then O.M : if = 0.(M : if )-^u/30 = : if . 

- a.0^ aU/3 0. Then a.O : if = a.(0 : if) = a.0-^u/30 = : if . 
Rules Asso and Com 

- M+(N+L)-> aU p(M+N)+L. Then M+(N- 
K) = M : A + (A : K + L : K)-+ eu p(M : if 4 
if + L : if = (M + TV) + L : K . 

- M + N^ aup N + M. Then M + A : A = M : A + A : K^ iup N : 
K + M : A = A + M : if . 

Rules £ Assume M— > aU/ gM', and that for all if base term, M : K — >* u gM' : if. 
We show that the result also holds for each contextual rule. 

- M + N-> aUf) M' + A. Then M + N : A = M : K + A : A^* U/3 M' : 
if + TV : K = M' + A : if. 

- A + M— > aU/ gA + M', analogous to previous case. 

- a.M-> aU(s a.M'. Then a.M : A = a.(M : if )-^ u/3 a.(M' : if) = a.M' : 
if. 

- (M) N-* aU p(M') A Case by case: 

• M = B. Absurd since a base term cannot reduce. 

• M = a. Mi. Case by case on the possible — > aU/ 3-reductions of M: 

* M' = ol.M[ with Mi-> aU/3 M{. Then (a.Mi) N : if = a.(Mi) TV : 
if = a. ((Mi) TV : if) which by the induction hypothesis — ^u/3- 
rcduces to a.{{M[) TV : if ) = a.(M{) TV : if = (<%M{) TV : if. 

* M = a.(/3.M 3 ) and M' = (a/3).M 3 . Then (a.(/3.M 3 )) TV : if = 
a.(/3.((M 3 ) TV : A))^ u/3 (a/3).((M 3 ) A : if ) = ((a/3).M 3 ) A : 
A. 

* M = a.(Ai + £ 2 ) andM' = a.Li + a.L 2 . Then (a.(Ai+A2)) A : 
A = o.((Li) A : A + (A 2 ) A : A)^aj/3a.((Ai) A : A) + 
a.((A 2 ) A : A) = (a.Ii + a.A2) A : A. 

* a = 1 and M' = Mi. Then (l.Mi) A : A = l.((Mi) A : 
A)-^ u/3 (Mi) N ■ K - 

* a = and M' = 0. Then (O.Mi) A : A = 0.((Mi) A : 
A)^ u/3 = (0) A : A. 

* Mi = and M' = 0. Then (a.O) A : A = a.((0) A : A) = 
a.0-^u/90 - (0) A : A. 

• M = Mi + M 2 . Case by case on the possible -7- aU ^-reductions of M: 

* M' = M[ + M 2 with M 1 -^ aU pM[. Then (Mi + M 2 ) A : A = 
(Mi) A : A + (M 2 ) A : A which by the induction hypothesis 
-^u/3-reduces to (M[) A : A+ (M 2 ) A : A = (M{ + M 2 ) A : A. 

* M' = Mi + M 2 with M 2 — > aU /3M 2 . Analogous to previous case. 

* M 2 = Li + A 2 and M' = (Mi + L x ) + L 2 . Then (Mi + (A x + 
L 2 )) A : A = (Mi) A : A + ((Ai) A : A + (A 2 ) A : A) which 
^u/3-reduces to ((Mi) A : A + (L x ) A : A) + (A 2 ) A : A = 
((Mi + Li) + L 2 ) A: A. 
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* Mi = L\ + L 2 and M' = L\ + (L 2 + M 2 ). Analogous to previous 
case. 

* M' = M 2 +Mi. Then (Mi+M 2 ) N : K = (Mi) TV : if +(M 2 ) A : 
K^ eufl (M 2 ) A : A + (Mi) A : A = (M 2 + Mi) A : X. 

* Mi = a.M 3 , M 2 = /3.M 3 and M' = (a + /3).M 3 . Then (a.M 3 + 
/3.M 3 ) A : if = a.((M 3 ) N : K)+ /3.((M 3 ) A : K)-+tufi{a + 
/3).((M 3 ) AT : if) = ((a + /3).M 3 ) TV : if. 

* Mi = a.M 3 , M 2 = M 3 and M' = (a + 1)M 3 . Analogous to 
previous case. 

* Mi = M 2 and M' = (1 + 1).M\. Analogous to previous case. 

• M = 0. Absurd since does not reduce. 

• M = (Mi) M 2 . Then ((Mi) M 2 ) A : A is equal to (Mi) M 2 : 
Ag ((g) {]A[}-) if, which by the induction hypothesis — >^u/3- r educes to 
M' : Xg ((g) {]iV|}) if. We do a second induction, over M', to prove 
that M> : Xg ((g) { N}) if-i^(M') A : if . 

* If M' = (M[) M 2 , then M' : Xg ((g) $N§) K = ((M{) M' 2 ) A : 
A = (M 1 ) N : if . 

* If M' is a base term, then M' : Xg ((g) §Nj) A is equal to 
(A 5 ((ff) m) K) <P(M')^ eufs ((<P(M')) flJV|» A = (M') A : A. 

* If M' = a.M{, then a.M[ : Xg ((g) ^N^) A is equal to a.(M[ : 
^9 ((9) HAJ) A) which — ^^-reduces by the induction hypoth- 
esis to a.((M[) A : A) = (a.M[) A : K = (W) A : K. 

* If M' = M[ + M 2 , then M' : Xg ((g) \Nl) K = M[ + M' 2 : 
*>9 ((9) W) K which is equal to M{ : Xg ((g) \N$) K + M 2 : 
^9 ((5) H AJ) A which — >* u/3 -reduces by the induction hypothesis 
to (M[) A : K + (M! 1 ) A : A = (M[+M^) A : A = (M') A : A. 

* If M' = then M' : Xg ((g) flAty) A = : A 3 ((.9) ^ AJ) A = 
= (0) A : A = (M 1 ) A : A 

B COQ proof of 1 

The proof of the local confluence of the algebraic fragments of X^ in and A^ are 
sufficiently monotonous so that one can ask a proof assistant to do them. For 
this purpose we use the library LocConf setting up some convenient tactics. The 
interested reader can find the whole set of files in [23] : 

— RW.v, ListTac.v and LocConf Tac.v are the files containing the library; 

— Llin.v and Lalg.v respectively contain the proofs for X lin and X al . 

To compile the files, you will need COQ v.8.2pll. and the Ssreflect extension 
v.1.2. Proceed with a flavour of: 

$ coqc RW.v ListTac.v LocConf Tac.v 
$ coqc Llin.v 
$ coqc Lalg.v 

To check that no particular assumption were made, you can use 
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$ coqchk -o Llin 
$ coqchk -o Lalg 

B.l Summary of the proof. 

We summarise the content of Llin.v and Lalg. v. 
Let us first define the set of scalars. 

Variable scalar : Set . 

Variable Sadd : scalar -> scalar -> scalar. 
Variable Smul : scalar -> scalar -> scalar. 
Variable SO : scalar. 
Variable SI : scalar. 

Notation "A + B" := (Sadd A B) : scalar_scope . 
Notation "A * B" := (Smul A B) : scalar_scope . 

Open Scope scalar_scope . 



Hypothesis S_0_l_dec 
Hypothesis S_0_lunit 
Hypothesis S_0_lelim 
Hypothesis S_l_lunit 



~ SI = SO. 

forall a, SO + a = a. 

forall a, SO * a = SO. 

forall a, SI * a = a. 
Hypothesis S_rdistrib : forall a b c, a*(b+c) = (a*b)+(a*c) . 
Hypothesis S_ldistrib : forall a b c, (a+b)*c = (a*c)+(b*c) . 
Hypothesis S_add_assoc : forall a b c, (a+b)+c = a+(b+c) . 
Hypothesis S_mul_assoc : forall a b c, (a*b)*c = a*(b*c). 
Hypothesis S_add_commut : forall a b, a+b = b+a. 
Hypothesis S_mul_commut : forall a b, a*b = b*a. 

Close Scope scalar_scope . 

We then define the set of terms. Values and bases are properties on terms 
defined by induction. 

Inductive term : Set := 
TO : term 

Tadd : term -> term -> term 
Tmul : scalar -> term -> term 
Tvar : nat -> term 
Tlambda : term -> term 
Tapply : term -> term -> term. 

Notation "A +s B" := (Sadd A B) (at level 50) : term_scope. 
Notation "A *s B" := (Smul A B) (at level 40) : term_scope. 
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Notation 
Notation 
Notation 
Notation 
Notation 



'A + B" := (Tadd A B) : term_scope. 

•A '**' B" := (Tmul A B) (at level 35) : term_scope . 

'@ A" := (Tvar A) (at level 10) : term_scope. 

'A ; B" := (Tapply A B) (at level 30) : term_scope. 

'\ A" := (Tlambda A) (at level 40) : term_scope . 



Open Scope term_scope. 

Inductive is_value : term -> Prop := 
valTO : is_value TO 

valTlambda : forall s, is_value (Tlambda s) 
valTvar : forall n, is_value (Tvar n) 

valTmulbase : forall a s, is_value s -> is_value (a ** s) 
valTadd : forall s t, 

is_value s -> is_value t -> is_value (s + t) . 

Inductive is_base : term -> Prop := 

I baseTlambda : forall s, is_base (Tlambda s) 

I baseTvar : forall n, is_base (Tvar n) . 

The definition of local confluence is given in the file RW . v of the library: 

Section RW. 

(** The relation is on some terms *) 

Variable term : Set. 

(** It is a binary proposition *) 

Variable R : term -> term -> Prop. 

(** Transitivity closure of the relation *) 

Inductive Rstar : term -> term -> Prop := 

I Rzero : forall r, Rstar r r 

I Rcons : forall r t s, (R r s) -> (Rstar s t) -> (Rstar r t) . 

Definition local_conf luent := 

forall r s t, 

R r s -> R r t -> 

exists u, Rstar s u A Rstar t u. 

End RW. 
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B-2 A- 

We can now set up the rewrite system of A^„ . We use the notion of base for the 
right-linearity of the application. 

Section Term. 

Hypothesis R : term -> term -> Prop. 

(** Elementary rules *) 

Definition R_T0_runit := forall t, R (t + TO) t. 
Definition R_S0_anni := forall t, R (SO ** t) TO. 
Definition R_Sl_unit := forall t, R (SI ** t) t. 
Definition R_T0_anni := forall a, R (a ** TO) TO. 
Definition R_mul_abs := 

forall a b t, R (a ** (b ** t)) ((a *s b) ** t) . 
Definition R_ma_dist := 

forall a s t, R (a ** (s + t)) (a ** s + a ** t) . 
(** Factorization *) 
Definition R_add_fact := 

forall a b t, R (a ** t + b ** t) ((a +s b) ** t) . 
Definition R_add_factl := 

forall a t, R (a ** t + t) ((a +s SI) ** t) . 
Definition R_add_factll := forall t, R (t + t) ((SI +s SI) ** t) . 
(** Assoc, and commut . of addition *) 

Definition R_add_com := forall s t, R (s + t) (t + s) . 
Definition R_add_rassoc := 

forall r s t, R ((r + s) + t) (r + (s + t)). 
Definition R_add_lassoc := 

forall r s t, R (r + (s + t)) ((r + s) + t). 
(** Congruence *) 

Definition R_cong_mul := forall a s t, R s t -> R (a**s) (a**t) . 
Definition R_cong_ladd := forall u s t, R s t -> R (s+u) (t+u) . 
Definition R_cong_radd := forall u s t, R s t -> R (u+ s) (u+t) . 
Definition R_cong_lapp := forall u s t, R s t -> R (s;u) (t;u). 
Definition R_cong_rapp := 

forall u s t, is_value u -> R s t -> R (u;s) (u;t) . 
(** Linearity of application *) 
Definition R_add_app_ldist := 

forall r s t, is_value t -> R ((r + s);t) (r;t + s;t). 
Definition R_mul_app_ldist := 

forall a r s, is_value s -> R ((a**r);s) (a**(r;s)). 
Definition R_T0_app_ldist := 

forall s, is_value s -> R (T0;s) TO. 
Definition R_add_app_rdist := 

forall r s t, is_base t -> R (t;(r + s)) (t;r + t;s). 
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Definition R_mul_app_rdist := 

forall a r s, is_base s -> R (s;(a**r)) (a**(s;r)) 
Definition R_TO_app_rdist := 

forall s, is_base s -> R (s;T0) TO. 



End Term. 


Inductive R : term -> ter 


I axl : 


R_T0_runit R 


1 ax2 : 


R_S0_anni R 


1 ax3 : 


R_Sl_unit R 


1 ax4 : 


R_T0_anni R 


1 ax5 : 


ri._mul_abs R 


1 ax6 : 


ri,_ma_dist R 


1 ax7 : 


R_add_fact R 


1 ax8 : 


R_add_factl R 


1 ax9 : 


R_add_factll R 


1 axlO 


:R_add_com R 


1 axil 


:R_add_rassoc R 


1 axl2 


:R_add_lassoc R 


1 axl3 


:R_cong_mul R 


1 axl4 


:R_cong_ladd R 


I axl5 


:R_cong_radd R 


1 axl6 


:R_cong_lapp R 


1 axl7 


:R_cong_rapp R 


1 axl8 


:R_add_app_ldist R 


1 axl9 


:R_mul_app_ldist R 


I ax20 


:R_TO_app_ldist R 


I ax21 


:R_add_app_rdist R 


I ax22 


:R_mul_app_rdist R 


I ax23 


:R_TO_app_rdist R. 



-> Prop := 



The theorem stating the local confluence of R reads as follows: 

Theorem R_local_conf luence : forall r s t:term, 
(R r s) -> (R r t) -> 

exists u:term, (Rstar R s u) /\ (Rstar R t u) . 



B.3 A 



alg 



The rewrite system of A q; is simpler, since it does not consider values. 
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Section Term. 

Hypothesis R : term -> term -> Prop. 

(** Elementary rules *) 

Definition R_T0_runit := forall t, R (t + TO) t. 
Definition R_S0_anni := forall t, R (SO ** t) TO. 
Definition R_Sl_unit := forall t, R (SI ** t) t. 
Definition R_T0_anni := forall a, R (a ** TO) TO. 
Definition R_mul_abs := 

forall a b t, R (a ** (b ** t)) ((a *s b) ** t) . 
Definition R_ma_dist := 

forall a s t, R (a ** (s + t)) (a ** s + a ** t) . 
(** Factorization *) 
Definition R_add_fact := 

forall a b t, R (a ** t + b ** t) ((a +s b) ** t) . 
Definition R_add_factl := 

forall a t, R (a ** t + t) ((a +s SI) ** t) . 
Definition R_add_factll := 

forall t, R (t + t) ((SI +s SI) ** t) . 
(** Assoc, and commut . of addition *) 

Definition R_add_com := forall s t, R (s + t) (t + s) . 
Definition R_add_rassoc := 

forall r s t, R ((r + s) + t) (r + (s + t)). 
Definition R_add_lassoc := 

forall r s t, R (r + (s + t)) ((r + s) + t). 
(** Congruence *) 

Definition R_cong_mul := forall ast, Rst->R (a**s) (a**t) 
Definition R_cong_ladd := forall ust, Rst->R (s+u) (t+u) . 
Definition R_cong_radd := forall ust, Rst->R (u+ s) (u+t) 
Definition R_cong_lapp := forall ust, R s t -> R (s;u) (t;u). 
(** Linearity of application *) 
Definition R_add_app_ldist := 

forall r s t, R ((r + s);t) (r;t + s;t). 
Definition R_mul_app_ldist := 

forall a r s, R ((a**r);s) (a**(r;s)). 
Definition R_TO_app_ldist := forall s, R (T0;s) TO. 



term -> term -> Prop 



End Term. 




Inductive R 


: term 


1 axl 


R_T0. 


.runit R 


1 ax2 


R_S0. 


.anni R 


1 ax3 


R_S1. 


.unit R 


1 ax4 


R_T0. 


.anni R 
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1 ax5 


R_mul_abs R 


1 ax6 


R_ma_dist R 


1 ax7 


R_add_fact R 


1 ax8 


R_add_factl R 


1 ax9 


R_add_factll R 


1 axlO 


:R_add_com R 


1 axil 


:R_add_rassoc R 


1 axl2 


:R_add_lassoc R 


1 axl3 


:R_cong_mul R 


1 axl4 


:R_cong_ladd R 


I axl5 


:R_cong_radd R 


1 axl6 


:R_cong_lapp R 


1 axl8 


:R_add_app_ldist R 


1 axl9 


:R_mul_app_ldist R 


I ax20 


:R_TO_app_ldist R. 



The statement of local confluence for R is the same as in the previous section: 



Theorem R_local_conf luence : forall r s t:term, 
(R r s) -> (R r t) -> 

exists u:term, (Rstar R s u) A (Rstar R t u) . 



